Oval Definition:oval:org.opensuse.security:def:95241
Revision Date:2022-06-02Version:1
Title:Security update for libarchive (Moderate)
Description:

This update for libarchive fixes the following issues:

- CVE-2022-26280: Fixed out-of-bounds read via the component zipx_lzma_alone_init (bsc#1197634). - CVE-2021-36976: Fixed use-after-free in copy_string (called from do_uncompress_block and process_block) (bsc#1188572). - CVE-2017-5601: Fixed out-of-bounds memory access preventing denial-of-service (bsc#1197634, bsc#1189528).
Family:unixClass:patch
Status:Reference(s):1022528
1185408
1185409
1185410
1185698
1188572
1189528
1197634
CVE-2017-5601
CVE-2021-3516
CVE-2021-3517
CVE-2021-3518
CVE-2021-3537
CVE-2021-36976
CVE-2022-26280
SUSE-SU-2022:1930-1
Platform(s):SUSE Linux Enterprise Desktop 15 SP4
SUSE Linux Enterprise High Performance Computing 15 SP4
SUSE Linux Enterprise Module for Basesystem 15 SP4
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Server 15 SP4
SUSE Linux Enterprise Server for SAP Applications 15 SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
Product(s):
Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP4 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP4 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP4 is installed
  • OR SUSE Linux Enterprise Server 15 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP4 is installed
  • OR SUSE Manager Proxy 4.3 is installed
  • OR SUSE Manager Retail Branch Server 4.3 is installed
  • OR SUSE Manager Server 4.3 is installed
  • AND Package Information
  • libarchive-devel-3.5.1-150400.3.3.1 is installed
  • OR libarchive13-3.5.1-150400.3.3.1 is installed
    • BACK